<?
require('config_take.php');
require('include_take.php' );

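// Handle a posted message form: require a logged-in session, validate the
// fields, store the message, then redirect back to the index page.
session_start();
if(!auth()){
  header('Location: login.php', true, 302);
  exit;
}

// NOTE(review): no anti-CSRF token is verified anywhere in this script, and
// nothing visible checks that the logged-in member may post to the given
// job. Confirm whether auth() or the included files cover either point.

// Read the posted fields without raising notices when one is missing.
// A missing subject stays null, as it was before.
$jid = isset($_POST['jid']) ? $_POST['jid'] : '';
$sbj = isset($_POST['sbj']) ? $_POST['sbj'] : null;
$bdy = isset($_POST['bdy']) ? $_POST['bdy'] : '';

// Form fields sent as "name[]=..." arrive as arrays; reject them here rather
// than letting them reach the bound parameters.
if(!is_string($jid) || !is_string($bdy) || ($sbj !== null && !is_string($sbj)))
  back();
if(!$jid || !$bdy) back();

$db = new PDO('mysql:host=localhost;dbname=work');
$db->query('set names utf8');

// All user-supplied values are passed as bound parameters; the sender comes
// from the session, never from the request.
$st = $db->prepare('insert into messages (jobID, sender, subject, body, date)'.
                   ' values (?, ?, ?, ?, now())');
if($st->execute(array($jid, $_SESSION['memberid'], $sbj, $bdy)))
  back();
else {
  // Keep driver error details (SQLSTATE, table and column names) in the
  // server log instead of printing them into the response.
  error_log('messages insert failed: '.implode(' ', $st->errorInfo()));
  header('HTTP/1.1 500 Internal Server Error', true, 500);
  echo 'The message could not be saved.';
}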

/**
 * Redirect the browser to the current directory's index and stop the script.
 *
 * The target is fixed. An earlier variant (left commented out in the
 * original) redirected to the HTTP referrer; a target taken from the request
 * would have to be checked against this site's own origin before use.
 */
function back()
{
  $status = 302;
  header('Location: .', true, $status);
  exit();
}
